Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+665: Reprisals for the Kyivstar hack. (CyberWire) Ukrainian hacktivist auxiliaries undertake reprisals for the Kyivstar hack, and Russian disinformation tacks toward a narrative of the Russian World as it takes advantage of technological advances.
Hamas insists on end to Israel’s offensive in Gaza before hostage talks can begin (the Guardian) UN security council resolution calling for ceasefire and more aid deliveries delayed again at the request of the US
Russia-Ukraine war: List of key events, day 666 (Al Jazeera) As the war enters its 666th day, these are the main developments.
Russia shells 6 communities in Sumy Oblast (The Kyiv Independent) Russian forces attacked six communities along the Sumy Oblast border on Dec. 20, firing 14 times over the course of the day, the Sumy Oblast military administration reported.
Captured Russian weapons, an ammo crisis and a new NATO ally: 5 stories from Europe in 2023 (Breaking Defense) Alliance expansion might force Russia to reassess a strategic calculus around a war beyond Ukraine’s borders, but tough questions around just how long Kyiv can defend itself are beginning to be asked.
While Washington Dickers, Tiny Bulgaria Races To Supply Ukraine With Bullets, Tank Shells, and Armor (The New York Sun) Russia’s neighbors — from Norway and Finland to Romania and Bulgaria — see helping Ukraine as an existential necessity for the defense of eastern and…
Expert Opinion: To Win in Ukraine, We Must Prove Putin Wrong (The Cipher Brief) Cipher Brief expert and former Chief of CIA's Central Eurasia Division Rob Dannenberg shares his insights on how to win in Ukraine
Putin’s dead end (The Strategist) In his annual press conference, Russian President Vladimir Putin made it clear that he will be ready for a peace settlement with Ukraine only after he has achieved his goals, which haven’t changed since he ...
Orban Isn’t the EU’s Trump (World Politics Review) The EU’s struggle to manage rogue member states is a chronic but manageable condition. The US’ Trump problem is much more acute.
European Allies’ Views of Russia’s Nuclear Policy after the Escalation of Its War in Ukraine (Real Clear Defense) Russia’s nuclear threats have not gone unnoticed among citizens of European nations, including in those countries that reportedly host U.S. battlefield (also sometimes called tactical or short-range) nuclear weapons (Belgium, Germany, Italy, the Netherlands and Turkey[1]).
Ukraine’s Front-Line Troops Are Getting Older: ‘Physically, I Can’t Handle This’ (Wall Street Journal) Corruption and fear are hindering effort to rebuild army
Ukrainian hackers breach Rosvodokanal, seize data of Russia's largest private water utility (RBC-Ukraine) Ukrainian hackers, reportedly with support from the Security Service (SSU), sought revenge for the recent cyberattack on Kyivstar and destroyed the IT infrastructure of the Russian major private water-supply company Rosvodokanal, according to RBC-Ukraine's own sources.
Ukrainian hackers report successful attack on Russian Bitrix service (Ukrainska Pravda) Hackers from the IT Army of Ukraine have announced that they have carried out a successful attack on the servers of Bitrix24, a service used by major Russian companies such as Rosneft.
Uninterrupted communications for critical infrastructure: Ukraine gets 5,000 more Starlinks from Poland (Ministry of Digital Transformation of Ukraine) The Polish government has handed over another 5,000 Starlinks to Ukraine. The terminals are being transferred to critical infrastructure facilities and frontline areas to ensure uninterrupted communications.
How pro-Russian 'yacht' propaganda influenced US debate over Ukraine aid (BBC) A false rumour spread by a dubious AI-powered website caught the attention of leading politicians.
The legal case for seizing Russia’s assets (Financial Times) G7 allies are debating whether to spend Moscow’s frozen funds to support Ukraine
Germany moves to seize €720mn of Russian group’s assets (Financial Times) Bid to take cash from financial institution comes as west explores ways to seize assets of Russia’s central bank
U.S. Makes a New Attempt to Stifle Russian Oil Trade (Wall Street Journal) Treasury Department imposes blocking sanctions on three trading firms that have emerged as important players in the Russian petroleum market
Russia Jails Men for Funding Far-Right Ukraine Group (The Moscow Times) Russia on Thursday handed long jail sentences to a Ukrainian man and another individual for financing an ultranationalist group in Ukraine by selling illegal drugs.
Attacks, Threats, and Vulnerabilities
Web injections are back on the rise: 40+ banks affected by new malware campaign (Security Intelligence) DanaBot is a sophisticated banking trojan targeting financial institutions and their customers. Now, a new global campaign has put more users at risk.
This JavaScript code hit 50K online banking sessions in 2023 (Register) Why keeping your PC secure and free of malware remains paramount
Crypto scammers abuse Twitter ‘feature’ to impersonate high-profile accounts (BleepingComputer) Cryptocurrency scammers are abusing a legitimate Twitter "feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs.
Threat Actors Exploit CVE-2017-11882 To Deliver Agent Tesla (Zscaler) Understand how threat actors exploit CVE-2017-11882 to deliver Agent Tesla for data exfiltration
Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware (Dark Reading) Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla, via socially engineered emails and an evasive infection method.
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware (Cisco Talos Blog) Talos revealed that rebooting an iOS or Android device may not remove the Predator spyware produced by Intellexa. Intellexa knows if their customers intend to perform surveillance operations on foreign soil.
Cybercriminals target UAE residents, visitors in new info-stealing campaign (Record) A group of hackers in recent months has attempted to steal personal and financial information from residents and visitors of the United Arab Emirates in a new text-based phishing campaign, according to new research.
Cybercrims target hotel staff for management credentials (Register) Research highlights how major attacks like those exploiting Booking.com are executed
The Naughty List: scammers exploit Christmas Eve rush with fake deliveries (Group-IB) Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has detected a sharp increase in the number of fake delivery websites just weeks before Christmas.
Seasonal-themed scams hit user inboxes in the run-up to Christmas, Bitdefender Antispam Lab warns (Hot for Security) During the winter holidays, online scams and unsolicited emails increase considerably and malicious spammers, as usual, begin celebrating early.
Microsoft Alert: COLDRIVER Credential Theft Rising Again (TuxCare) Stay informed on the surge in COLDRIVER credential theft. Microsoft's alert reveals the latest tactics. Safeguard your data now!
Hacker Sells Access to Customer Data from Brazil ISPs (SafetyDetectives) A hacker is selling information allegedly stolen from Brazil-based internet service providers (ISPs). The SafetyDetectives cybersecurity team found a forum post
Nearly 3 million affected by ransomware attack on medical software firm (Record) Austin-based ESO Solutions said a ransomware attack allowed hackers to access patient health information.
Indian tech giant HCL investigating ransomware attack (Record) In a regulatory filing, HCL Technologies said it “has become aware of a ransomware incident in an isolated cloud environment for one of its projects.”
Wolverine part of massive Insomniac Games leak after ransomware deadline passes (The Verge) 1.67 terabytes of data comprising over 1.3 million files.
Data Leak Exposes 1.5 Billion Real Estate Records, Including Elon Musk, Kylie Jenner (Hackread) A Campbell, New York-based real estate training platform called Real Estate Wealth Network exposed a massive treasure trove of real estate records due to cloud server misconfiguration.
COC alerts employees to third-party data breach (Santa Clarita Valley Signal) Unauthorized data breach via the college’s insurance provider affects more than 2,400 current, former employees. College of the Canyons is communicating with more than 2,400 affected personnel after an unauthorized data breach through its insurance provider, according to Eric Harnish, a spokesman for the college. Keenan & Associates, a Torrance-based consulting and brokerage firm which […]
Security Patches, Mitigations, and Software Updates
Apple Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency | CISA) Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and macOS Sonoma. A cyber threat actor could exploit one of these vulnerabilities to obtain sensitive information.
Mozilla Releases Security Updates for Firefox and Thunderbird (Cybersecurity and Infrastructure Security Agency | CISA)
Trends
Annual Payment Fraud Intelligence Report: 2023 (Recorded Future) Throughout 2023, many indications suggested that the payment fraud underground has begun to recover from Russian law enforcement’s crackdown against domestic cybercriminals and the subsequent full-scale Russian invasion of Ukraine in 2022.
Regulators Got Tough on Cyber in 2023 as Crime Soared (Wall Street Journal)
7 Security Trends to Watch Heading into 2024 (Information Week) Challenges and opportunities old and new will shape another year in the cybersecurity space.
Tracking Ransomware: November 2023 (CYFIRMA) This CYFIRMA Monthly Ransomware Report thoroughly analyses ransomware activity in November 2023, covering significant attacks, the top five ransomware families, geographical distribution, targeted industries, evolution of attacks, vulnerabilities exploited by ransomware groups, and trends
Marketplace
Proofpoint closes acquisition of Tessian (iTWire) Cybersecurity and compliance company Proofpoint has completed the acquisition of AI-based Cloud Email Security provider Tessian. Proofpoint says combining its industry-leading threat and data loss protection technology and intelligence with Tessian's AI-powered behavioral and dynamic detection wi...
Anthropic to Raise $750 Million in Menlo Ventures-Led Deal (The Information) Anthropic is in talks to raise $750 million in a venture round led by Menlo Ventures that values the two-year-old artificial intelligence startup at $15 billion not including the investment, more than three times its valuation this spring, according to two people with direct knowledge of the ...
BlackBerry posts surprise quarterly profit on resilient cybersecurity demand (Moneycontrol) BlackBerry (BB.TO) reports unexpected quarterly profit, driven by robust demand for cybersecurity services amid escalating online threats; stable spending despite overall IT downturn.
Cybersecurity Leader Ranell Gonzales Joins Cybrella as Vice President of Global Sales and Alliances (PR Newswire) Cybrella, a prominent player in the cybersecurity advisory space, is thrilled to welcome Ranell Gonzales as the new Vice President of Global...
Products, Services, and Solutions
Independent Technical Evaluation from Technology Advancement Center Finds Darktrace Federal Cyber AI Mission Defense Provides Comprehensive Visibility and Detection for IT and OT Environments (PR Newswire) Darktrace Federal announced that the Technology Advancement Center (TAC) completed an independent technical evaluation of the Darktrace Federal...
Saviynt Recognized as a 2023 Gartner® Peer Insights™ Customers’ Choice for IGA (Saviynt) Converged identity security company is recognized as a Customers’ Choice for 3 years in a row
Saviynt helps Danfoss cut the time to onboard new employees by 83 percent (Saviynt) Saviynt Enterprise Identity Cloud enables engineering and manufacturing company to manage and secure 45,000 digital identities across 100 countries
The Limitations of Google Play Integrity API (ex SafetyNet) (Approov) Explore the history, uses, and limitations of the Google Play Integrity API (formerly SafetyNet); compare and contrast it with Approov's mobile security.
Stellar Cyber integrates with SentinelOne for enhanced cybersecurity across environments (Help Net Security) Stellar Cyber and SentinelOne integration boosts cybersecurity across on-premises, cloud, hybrid, and IT/OT environments.
Microsoft teams up with Silobreaker to enhance cybersecurity with MDTI intelligence (MSPoweruser) Microsoft and Silobreaker announced an integration between Microsoft Defender Threat Intelligence (MDTI) and Silobreaker's 360 Search platform.
Technologies, Techniques, and Standards
The Disturbing Impact of the Cyberattack at the British Library (The New Yorker) The library has been incapacitated since October, and the effects have spread beyond researchers and book lovers.
The cult of tech could push us into a new Dark Age (The Telegraph) It is senseless to destroy historical documents and assume digital versions will survive the centuries
CISA seeking comments on its ‘secure by design’ guidance (FedScoop) The agency’s request for information on its software security white paper “acknowledges that security by design is not easy,” and that additional comments from manufacturers and other interested parties are needed.
What's the Best Way to Communicate After a Data Breach? (Dark Reading) So you've had a data breach, and now you need to take the next step. Here's a guide for communicators dealing with security incidents from Ashley Sawatsky of Rootly.
Research and Development
The FTC Voice Cloning Challenge (US Federal Trade Commission) Voice cloning technology is becoming increasingly sophisticated due to improving text-to-speech AI.
GPT and other AI models can't analyze an SEC filing, researchers find (CNBC) The findings from Patronus AI highlight some of the challenges of using AI models within big companies in regulated industries like finance.
Legislation, Policy, and Regulation
Biden administration takes first step toward writing key AI standards (Reuters) The Biden administration said on Tuesday it was taking the first step toward writing key standards and guidance for the safe deployment of generative artificial intelligence and how to test and safeguard systems.
How Congress can rein in data brokers (CyberScoop) Know your customer rules are a first step to address the risks of sensitive data — including on U.S. military servicemembers — sold online.
U.S. Regulators Propose New Online Privacy Safeguards for Children (New York Times) The F.T.C. called for sweeping changes that could curb how social media, game and learning apps use and monetize youngsters’ data.
FTC Proposes Curbing Targeted Advertising to Children Online (Wall Street Journal) Agency seeks to bolster 1998 law by requiring targeted ads for children to be turned off by default
FTC proposes tougher children’s data privacy rules for first time in a decade (Record) The agency is proposing new restrictions on the use and disclosure of children’s personal data and wants to make it much harder for companies to exclude children from their services if they can’t monetize their data.
The Obscure Google Deal That Defines America’s Broken Privacy Protections (WIRED) Google’s doomed social network Buzz led US regulators to force Google and Meta to monitor their own data use. Insiders say the results were mixed, as pressure mounts for a federal privacy law.
Litigation, Investigation, and Law Enforcement
Julian Assange's 'Final' Appeal Against US Extradition to be Held in February (Voice of America) Assange is wanted by the U.S. on 18 counts relating to WikiLeaks' release of confidential U.S. military records
ALPHV's Downfall? The 2023 Crackdown on BlackCat Ransomware (Flashpoint) Exploring the impact of ALPHV's ransomware blog takedown by law enforcement and its impact on the greater cyber threat landscape
ALPHV Ransomware Site Outage: What We Know So Far (ReliaQuest) The ALPHV ransomware data-leak site has been offline for 30 hours, raising speculation of disruption by law enforcement activity. Here's what we know so far.
How hard has the BlackCat ransomware group been hit by the FBI? (Tech Wire Asia) The BlackCat ransomware group has been around since November 2021 targeting organizations globally. Has the FBI just hit it hard?
German police take down Kingdom Market, a darknet emporium of illicit goods (Record) German police said they posted a takedown notice on the website and are now analyzing Kingdom Market's server infrastructure to identify the people behind the website's operation.
AI cannot be patent 'inventor', UK Supreme Court rules in landmark case (Reuters) A U.S. computer scientist on Wednesday lost his bid to register patents over inventions created by his artificial intelligence system in a landmark case in Britain about whether AI can own patent rights.
Judge Gives Prosecutors Access to G.O.P. Lawmaker’s Messages in Jan. 6 Case (New York Times) The roughly 1,700 messages are from the cellphone of Representative Scott Perry, who was involved in discussions with Trump administration officials about overturning the election.
Rite Aid Banned From Using AI Facial Recognition in FTC Settlement (Wall Street Journal) The company said it ‘fundamentally’ disagrees with the allegations
The couch surfing predator: how a group of women were drugged and assaulted – then fought back (the Guardian) Dino Maglio, a former Italian police officer, opened up his home to young women travellers, many of whom suffered at his hands. As scattered as they were, legal action seemed impossible. But as their numbers grew, so too did their determination ...
Brazil’s First Lady Clashes With Elon Musk Over Hacked X Account (Bloomberg) Janja has threatened to sue over slow response to breach. Musk says his platform bears no responsibility for hacking.